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Amendments to the Claims 

1 . (Currently Amended) A method comprising: 

receiving a resource request from a first requestor, the resource request including 
credentials and identifying information regarding an operation to be performed with 
respect to a resource; 

mapping the resource request to a resource identifier; 

translating the resource request to a resource inquiry request, the resource inquiry 
request including a resource authorization parameter representing the permission level 
necessary for a client to perform the operation; 

searching a resource data structure for a resource node based on the resource 
identifier; and 

determining whether the first requestor is authorized to perform the operation 
with respect to the resource based on whether the credentials in the resource request 
match the resource authorization parameter associated with the resource node. 

2. (Original) The method of claim 1 wherein searching includes searching resource nodes 
each of which represents a resource and includes a resource identifier. 

3. (Original) The method of claim 1 wherein searching includes searching a directed 
graph structure. 

4. (Original) The method of claim 1 wherein receiving a resource request includes 
receiving a digital certificate conforming to a simplified public key infrastructure. 

5. (Previously Presented) The method of claim 1 wherein mapping includes mapping the 
resource request to the resource identifier and the resource authorization parameter 
including an owner level authorizing complete access to the resource. 

6. (Previously Presented) The method of claim 1 wherein mapping includes mapping the 
resource request to the resource identifier and the resource authorization parameter 
including an editor level authorizing read/write access to the resource. 

7. (Previously Presented) The method of claim 1 wherein mapping includes mapping the 
resource request to the resource identifier and the resource authorization parameter 
including a reviewer level authorizing read only access to the resource. 

8. (Previously Presented) The method of claim 1 wherein mapping includes mapping the 
resource request to the resource identifier and the resource authorization parameter 
including a none level denying all access to the resource. 

9. (Original) The method of claim 1 including delegating the credentials of a child node 
to a parent node in the resource data structure. 

10. (Original) The method of claim 9 in which the resource request is handled based on 
the delegated credentials. 
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1 1 . (Original) The method of claim 1 wherein the resource request originates from a 
client computer directed to a server computer over a network. 

12. (Currently Amended) An apparatus comprising: 

a memory for storing a resource data structure having resource nodes each of 
which represents a respective resource and which has a respective resource identifier^ and 
a resource authorization credential and a resource authorization level param e t e r ; and 
a processor configured to: 

receive a resource request from a first requestor, the resource request 
including credentials and identifying information representing an operation to be 
performed with respect to a resource; 

map the resource request to a resource identifier; 

search the resource data structure for a resource node based on the 
resource identifier; and 

determine whether the first requestor is authorized to perform the 
operation with respect to the resource based on whether the credentials in the 
resource request match the resource authorization credential and the resource 
authorization level parameter associated with the resource node. 

13. (Original) The apparatus of claim 12 wherein the resource data structure comprises a 
directed graph structure. 

14. (Original) The apparatus of claim 12 wherein the credentials include a digital 
certificate conforming to a simplified public key infrastructure. 

15. (Currently Amended) The apparatus of claim 12 wh e r e in th e r e sourc e nod e s furth e r 
compris e a r e sourc e authorization l e v e l, wherein the resource authorization level includes 
an owner level authorizing complete access to the resource. 

16. (Currently Amended) The apparatus of claim 12 wher e in th e r e sourc e nod e s furth e r 
compris e a r e sourc e authorization l e v e l, wherein the resource authorization level includes 
an editor level authorizing read/write access to the resource. 

17. (Currently Amended) The apparatus of claim 12 wh e r e in th e r e sourc e nod e s furth e r 
compris e a r e sourc e authorization l e v e l, wherein the resource authorization level includes 
a reviewer level authorizing read only access to the resource. 

18. (Currently Amended) The apparatus of claim 12 wh e r e in th e resourc e nod e s furth e r 
compris e a r e sourc e authorization l e v e l, wherein the resource authorization level includes 
a none level denying all access to the resource. 

19. (Previously Presented) The apparatus of claim 12 wherein the resource data structure 
includes the delegation of a resource authorization level from a child node to a parent 
node. 
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20. (Currently Amended) A system comprising: 

a first computer associated with a first requestor configured to generate resource 
requests with credentials; 

a second computer including memory storing a resource data structure with 
resource nodes each of which represents a respective resource and which has a respective 
resource identifier, a resource authorization parameter, and a resource authorization level, 
and the second computer configured to: 

receive a resource request from a first requestor, the resource request 
including credentials and identifying information representing an operation to be 
performed with respect to a resource; 

map the resource request to a resource identifier; 

translate the resource request to a resource inquiry request to include the 
resource authorization parameter, the resource authorization parameter 
representing the a permission level necessary for a client to perform the operation; 

search the resource data structure for a resource node based on the 
resource identifier; and 

determine whether the first requestor is authorized to perform the 
operation with respect to the resource based on whether the credentials in the 
resource request match the resource authorization parameter associated with the 
resource node; and 

a network over which the first and second computers communicate. 

21. (Original) The system of claim 20 wherein the resource data structure comprises a 
directed graph data structure. 

22. (Original) The system of claim 20 wherein the credentials include a digital certificate 
conforming to a simplified public key infrastructure. 

23. (Currently Amended) The system of claim 20 wherein the resource authorization , 
level includes a the permission level from the group consisting of owner level, editor 
level, reviewer level, none level. 

24. (Original) The system of claim 20 including the delegation of the credentials from a 
child node to a parent node. 

25. (Original) The system of claim 20 including the delegation of credentials associated 
with the first requestor to a second requestor wherein the second requestor can request 
resources using the credentials from the first requestor as if it were the first requestor. 

26. (Currently Amended) An article comprising a computer readable medium that stores 
computer executable instructions for causing a computer system to: 

map a resource request to a resource identifier, in response to receiving the 
resource request from a first requestor, the resource request including credentials and 
identifying information representing an operation to be performed with respect to a 
resource; 
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translate the resource request to a resource inquiry request, the resource inquiry 
request including a resource authorization parameter representing the permission level 
necessary for a client to perform the operation; 

search a resource data structure for a resource node based on the resource 
identifier; and 

determine whether the first requestor is authorized to perform the operation with 
respect to the resource based on whether the credentials in the resource request match the 
resource authorization parameter associated with the resource node. 

27. (Previously Presented) The article of claim 26 including instructions for causing the 
computer system to have a directed graph data structure with resource nodes representing 
resources including the resource identifier and a resource authorization level. 

28. (Original) The article of claim 26 including instructions for causing the computer 
system to have digital certificates conforming to a simplified public key infrastructure. 

29. (Original) The article of claim 26 including instructions for causing the computer 
system to delegate the credentials of a child node to a parent node. 

30. (Original) The article of claim 26 including instructions for causing the computer 
system to delegate the credentials associated with the first requestor to a second requestor 
to allow the second requestor to request resources using the credentials from the first 
requestor as if it were the first requestor. 



